Senators revive US cybersecurity bill, with changes

July 21, 2012
by Rob Lever

Sen. Jay Rockefeller, pictured in 2011, was part of a group of US senators who revived stalled cybersecurity legislation by offering compromises to address civil liberties concerns, an effort quickly endorsed by President Barack Obama.

A group of US senators has revived stalled cybersecurity legislation by offering compromises to address civil liberties concerns, an effort quickly endorsed by President Barack Obama.

The new bill drew some support from Republican lawmakers amid a drive to pass legislation before the summer recess, but prospects for passage were unclear.

Lawmakers said they hope to bring the measure to the Senate floor in the upcoming week.

The bill aims to identify so-called "critical infrastructure," including electric power and utility computer networks, and provide oversight to ensure these are secure from attacks.

The revised measure removed some parts of a bill passed in April in the House of Representatives that provoked controversy.

It calls for a National Cybersecurity Council to assess vulnerabilities and would create a voluntary system of reporting attacks that could be damaging to the nation.

In announcing the compromise, Senator Jay Rockefeller called it "a critical first step in our country's response" to cybersecurity.

"We are moving forward in the spirit of compromise with an incentives-based voluntary approach because it is a crucial matter of public safety and national security that we do something now to ensure our most critical infrastructure is protected from cyber attacks," said Rockefeller, a Democrat who heads the Senate Commerce Committee.

Independent Senator Joe Lieberman acknowledged that the new bill is weaker than earlier versions, but added: "we are going to try carrots instead of sticks as we begin to improve our cyber defenses."

"If that doesn't work, a future Congress will undoubtedly come back and adopt a more coercive system," he said.

The bill creates no new regulators and provides no new authority for an agency to adopt new standards. But it would allow information-sharing among the private sector and the federal government to share threats, incidents, best practices and fixes.

It was endorsed by Republican Senator Susan Collins of Maine and Democrats Dianne Feinstein of California and Tom Carper of Delaware.

Obama, in a commentary in Friday's edition of The Wall Street Journal, backed the new bill while repeating his pledge to veto "any bill that lacks strong privacy and civil liberties protections."

"It doesn't take much to imagine the consequences of a successful cyber attack. In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home," Obama wrote.

"Taking down vital banking systems could trigger a financial crisis. The lack of clean water or functioning hospitals could spark a public health emergency. And as we've seen in past blackouts, the loss of electricity can bring businesses, cities and entire regions to a standstill."

Civil liberties and privacy groups, which rallied against the Cyber Intelligence Sharing and Protection Act passed by the House, gave a cautious welcome to the new effort.

Michelle Richardson of the American Civil Liberties Union said the new bill has "significant privacy amendments" but cautioned that there could efforts on the Senate floor to remove those protections.

"We will be carefully watching how this unfolds on the floor and will be calling on you to fight anti-privacy amendments and support ones that we expect will further limit the government's authority," she said.

Rainey Reitman and Lee Tien of the Electronic Frontier Foundation said in a blog post that "this new bill drastically improves upon the previous bill by addressing the most glaring privacy concerns," but added: "we remain unpersuaded that any of the proposed cybersecurity measures are necessary and we still have concerns about certain sections of the bill."

But James Lewis of the Center for Strategic and International Studies said that by watering down the bill, lawmakers had stripped out any real protection and left an essentially political bill.

Lewis said some politicians "want to pass legislation that has cybersecurity in the title before the election."

In order to provide real protection, Lewis said, "you would need a commission to designate specific infrastructure, with mandatory rules, so that these places would secure their networks."

Related Stories

(AP) -- House Republicans are pushing ahead with legislation to protect the nation's critical infrastructure and corporations from electronic attacks despite Obama administration objections that the legislation fails to ...

(AP) -- House Republicans and Democrats expressed optimism Friday about sending a cybersecurity bill to President Barack Obama this year despite significant disagreements with the Senate and the White House.

Recommended for you

Micro-grippers may be able to navigate unstructured environments and could help reduce risk during surgeries, according to a study published December 13, 2017 in the open-access journal PLOS ONE by Federico Ongaro from the ...

Cracking the German Enigma code is considered to be one of the decisive factors that hastened Allied victory in World War II. Starting with clues derived from espionage, computer scientists were able to work out the rules ...

How sensitive is the human sense of touch? Sensitive enough to feel the difference between surfaces that differ by just a single layer of molecules, a team of researchers at the University of California San Diego has shown.

Massachusetts Institute of Technology researchers can now predict how much energy solar cells will produce at any location worldwide. Surprisingly, they identified that two types of solar cells (silicon and cadmium telluride) ...

Consumers across the world enjoy Greek yogurt for its taste, texture, and protein-packed punch. Reaching that perfect formula, however, generates large volumes of food waste in the form of liquid whey. Now researchers in ...

Computer scientists have built and successfully tested a tool designed to detect when websites are hacked by monitoring the activity of email accounts associated with them. The researchers were surprised to find that almost ...

6 comments

I'm all for protecting our infrastructure (Who isn't?), but that's not really what this is just about. They are trying to use that as an excuse to spy on all of us and act as "Big Brother" for our own good. Or rather for the good of the companies and corporations they represent. Otherwise they wouldn't have all the needless junk in these bills. There are much better ways of securing the infrastructure, while still securing our privacy, than they have come up with so far..

I have no doubt that the U.S. government is already doing everything it needs to do to insure it's security, legal or not. This is just an attempt to legitimize the use of information gained in questionable ways for use in persueing domestic lawbreakers.

Hades, they could claim that licking the wrong side of a postage stamp is a national security issue.

Experience is overrated in politics ... and I don't see Democrats doing jack about this alleged "take over". Both parties are on the corporate dole and you know it. Tired of the generalizations ... for every fucked up conservative you can name, I can name 2 fucked up liberals. I'm not religious (I despise it) and I'm conservative in fiscal matters only, otherwise I am liberal in that I'm pro-choice and support same sex marriage, among other things.

Please sign in to add a comment.
Registration is free, and takes less than a minute.
Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.